Ȩ > Ç¥ÁØÈ °³¿ä > TTAÀÇ Ç¥ÁØÇöȲ
| Ç¥ÁعøÈ£ | TTAE.IT-X.1451 | ±¸Ç¥ÁعøÈ£ | |
|---|---|---|---|
| Á¦°³Á¤ÀÏ | 2021-12-08 | ÃÑÆäÀÌÁö | 35 |
| ÇѱÛÇ¥Áظí | ÀÎÁõ ÃÖÀûȸ¦ À§ÇÑ À§Çè ½Äº° | ||
| ¿µ¹®Ç¥Áظí | Risk identification to optimize authentication | ||
| Çѱ۳»¿ë¿ä¾à | ÀÌ Ç¥ÁØÀº ÀÎÁõ ±â´ÉÀÌ È£ÃâµÇ±â Àü¿¡ ICT ¼ºñ½º ½Ã½ºÅÛÀÇ À§Çè ½Äº° ±â´ÉÀ» Àü 󸮱â·Î ÁöÁ¤ÇÑ´Ù. À̸¦ ÅëÇØ ICT ¼ºñ½º ½Ã½ºÅÛÀº ½Äº°µÈ À§ÇèÀ» ±â¹ÝÀ¸·Î »ç¿ëÀÚ ÀÎÁõÀ» ÃÖÀûÈÇÒ ¼ö ÀÖ´Ù.
±×¸®°í ´ÙÀ½ »çÇ×À» ´Ù·é´Ù. - ÇÙ½É ¼ºñ½º ó¸® ¼ºê ½Ã½ºÅÛ°ú ÀÎÁõ ¼ºê ½Ã½ºÅÛ »çÀÌ¿¡ À§Çè ½Äº° ±â´ÉÀÌ µµÀÔµÈ ICT ¼ºñ½º ½Ã½ºÅÛÀÇ ÂüÁ¶ ¸ðµ¨; - À§Çè ½Äº° ±â´ÉÀÇ ±¸¼º ¿ä¼Ò ¸ðµâ¿¡ ´ëÇÑ ÀÚ¼¼ÇÑ ¼³¸í°ú À§Çè ½Äº° ¹× »ç¿ëÀÚ ÀÎÁõ ÃÖÀûÈ ¹æ¹ý; – À§Çè ½Äº° ¿£ÁøÀ» À§ÇÑ ´ë¾È ó¸® ¼³°è. |
||
| ¿µ¹®³»¿ë¿ä¾à | This Recommendation specifies a risk identification function in an ICT service system as a pre-processor before the authentication function is invoked. It enables the ICT service system to optimize user authentication based on identified risks.
This Recommendation covers the following topics: a reference model of an ICT service system where a risk identification function is introduced in between the core service-handling subsystem and the authentication subsystem; a detailed explanation of the component modules of this risk identification function, and how risks are identified and user authentication is optimized; alternative processing designs for the risk identification engine. |
||
| ±¹Á¦Ç¥ÁØ | |||
| °ü·ÃÆÄÀÏ |
 TTAE.IT-X.1451.pdf
| ||
